<?php
$conn = mysqli_connect("localhost", "root", "", "doctor");
if (!$conn) {
    die("Ошибка: " . mysqli_connect_error());
}
?>
<!DOCTYPE html>
<html>
	<head>
    <meta charset="UTF-8">
	<link rel="stylesheet" href="style.css">
	<link rel="preconnect" href="https://fonts.gstatic.com">
	<link href="https://fonts.googleapis.com/css2?family=Open+Sans&display=swap" rel="stylesheet">
	
    <title>Частная клиника имени Лазарева</title>
		</head>
<body style="margin-left: 80px;">
<?php
// если запрос GET
if($_SERVER["REQUEST_METHOD"] === "GET" && isset($_GET["id"]))
{
    $userid = mysqli_real_escape_string($conn, $_GET["id"]);
    $sql = "SELECT * FROM doctors WHERE id_doctor = '$userid'";
    if($result = mysqli_query($conn, $sql)){
        if(mysqli_num_rows($result) > 0){
            foreach($result as $row){
                $doctor_photo = $row["doctor_photo"];
                $doctor_name = $row["doctor_name"];
				$doctor_dolj = $row["doctor_dolj"];
            }
            echo "<div class='container'>
			<h3>Редактирование $doctor_name</h3>
                <form method='post' enctype = 'multipart/form-data'>
					<div class='row'>
                    <input type='hidden' name='id_doctor' value='$userid'/>
                    <p>Фото:
                    <br><input type='text' name='doctor_photo' value='$doctor_photo'/></p>
                    <p>Имя:
                    <br><input type='text' name='doctor_name' value='$doctor_name'/></p>
					<p>Должность:
                    <br><input type='text' name='doctor_dolj' value='$doctor_dolj'/></p>
					<div class='row'>
                    <br><input type='submit' value='Сохранить' class='btn'>
				</form>
				<br><a class='btn' href='add_lost_cat.php'>Назад</a>
				</div>
				</div>
				</div>";
        }
        else{
            echo "<div>Пользователь не найден</div>";
        }
        mysqli_free_result($result);
    } else{
        echo "Ошибка: " . mysqli_error($conn);
    }
}
elseif (isset($_POST["id_doctor"]) && isset($_POST["doctor_photo"]) && isset($_POST["doctor_name"])&& isset($_POST["doctor_dolj"])) {
      
    $userid = mysqli_real_escape_string($conn, $_POST["id_doctor"]);
    $doctor_photo = mysqli_real_escape_string($conn, $_POST["doctor_photo"]);
    $doctor_name = mysqli_real_escape_string($conn, $_POST["doctor_name"]);
	$doctor_dolj = mysqli_real_escape_string($conn, $_POST["doctor_dolj"]);
      
    $sql = "UPDATE doctors SET doctor_photo = '$doctor_photo', doctor_name = '$doctor_name', doctor_dolj = '$doctor_dolj' WHERE id_doctor = '$userid'";
    if($result = mysqli_query($conn, $sql)){
        header("Location: add_lost_cat.php");
    } else{
        echo "Ошибка: " . mysqli_error($conn);
    }
}
else{
    echo "Некорректные данные";
}
mysqli_close($conn);
?>
</body>
</html>